Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-22340

On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Published

2023-02-01T18:15:11.057

Last Modified

2024-11-21T07:44:35.693

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-476
  • Type: Primary
    CWE-476
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application f5 big-ip_access_policy_manager ≤ 13.1.5 Yes
Application f5 big-ip_access_policy_manager < 14.1.5.3 Yes
Application f5 big-ip_access_policy_manager < 15.1.8 Yes
Application f5 big-ip_access_policy_manager < 16.1.3.3 Yes
Application f5 big-ip_access_policy_manager < 17.0.0.2 Yes
Application f5 big-ip_advanced_firewall_manager ≤ 13.1.5 Yes
Application f5 big-ip_advanced_firewall_manager < 14.1.5.3 Yes
Application f5 big-ip_advanced_firewall_manager < 15.1.8 Yes
Application f5 big-ip_advanced_firewall_manager < 16.1.3.3 Yes
Application f5 big-ip_advanced_firewall_manager < 17.0.0.2 Yes
Application f5 big-ip_analytics ≤ 13.1.5 Yes
Application f5 big-ip_analytics < 14.1.5.3 Yes
Application f5 big-ip_analytics < 15.1.8 Yes
Application f5 big-ip_analytics < 16.1.3.3 Yes
Application f5 big-ip_analytics < 17.0.0.2 Yes
Application f5 big-ip_application_acceleration_manager ≤ 13.1.5 Yes
Application f5 big-ip_application_acceleration_manager < 15.1.8 Yes
Application f5 big-ip_application_acceleration_manager < 16.1.3.3 Yes
Application f5 big-ip_application_acceleration_manager < 17.0.0.2 Yes
Application f5 big-ip_application_security_manager ≤ 13.1.5 Yes
Application f5 big-ip_application_security_manager < 14.1.5.3 Yes
Application f5 big-ip_application_security_manager < 15.1.8 Yes
Application f5 big-ip_application_security_manager < 16.1.3.3 Yes
Application f5 big-ip_application_security_manager < 17.0.0.2 Yes
Application f5 big-ip_ddos_hybrid_defender ≤ 13.1.5 Yes
Application f5 big-ip_ddos_hybrid_defender < 14.1.5.3 Yes
Application f5 big-ip_ddos_hybrid_defender < 15.1.8 Yes
Application f5 big-ip_ddos_hybrid_defender < 16.1.3.3 Yes
Application f5 big-ip_domain_name_system < 14.1.5.3 Yes
Application f5 big-ip_domain_name_system < 15.1.8 Yes
Application f5 big-ip_domain_name_system < 16.1.3.3 Yes
Application f5 big-ip_domain_name_system < 17.0.0.2 Yes
Application f5 big-ip_fraud_protection_service ≤ 13.1.5 Yes
Application f5 big-ip_fraud_protection_service < 15.1.8 Yes
Application f5 big-ip_fraud_protection_service < 16.1.3.3 Yes
Application f5 big-ip_fraud_protection_service < 17.0.0.2 Yes
Application f5 big-ip_link_controller ≤ 13.1.5 Yes
Application f5 big-ip_link_controller < 14.1.5.3 Yes
Application f5 big-ip_link_controller < 15.1.8 Yes
Application f5 big-ip_link_controller < 16.1.3.3 Yes
Application f5 big-ip_link_controller < 17.0.0.2 Yes
Application f5 big-ip_local_traffic_manager ≤ 13.1.5 Yes
Application f5 big-ip_local_traffic_manager < 14.1.5.3 Yes
Application f5 big-ip_local_traffic_manager < 15.1.8 Yes
Application f5 big-ip_local_traffic_manager < 16.1.3.3 Yes
Application f5 big-ip_local_traffic_manager < 17.0.0.2 Yes
Application f5 big-ip_policy_enforcement_manager ≤ 13.1.5 Yes
Application f5 big-ip_policy_enforcement_manager < 14.1.5.3 Yes
Application f5 big-ip_policy_enforcement_manager < 15.1.8 Yes
Application f5 big-ip_policy_enforcement_manager < 16.1.3.3 Yes
Application f5 big-ip_policy_enforcement_manager < 17.0.0.2 Yes
Application f5 big-ip_ssl_orchestrator ≤ 13.1.5 Yes
Application f5 big-ip_ssl_orchestrator < 14.1.5.3 Yes
Application f5 big-ip_ssl_orchestrator < 15.1.8 Yes
Application f5 big-ip_ssl_orchestrator < 16.1.3.3 Yes
Application f5 big-ip_ssl_orchestrator < 17.0.0.2 Yes
References